Posted on 06-03-2022 12:04 AM
Hello! This might be a considerably dumb request, I apologize in advance.
I'd like to make it so that when we deploy JAMF Connect, users have to complete an MFA prompt if they are online when they sign on, but continue without it if they're offline...if that makes sense. Does it make perfect sense from a security side? No not really, but I'd like to enforce MFA wherever possible while allowing them to bypass if no internet is detected.
Essentially, here is the workflow I want:
User signs in >> JAMF Connect detects internet >> MFA Prompt
User signs in >> JAMF Connect doesn't detect internet >> Continue on through
I can't seem to make a "Local Login" button pop up like the documentation says either (even with OIDCLocalAuthButton and LocalFallback enabled), which would theoretically fix this. I also don't want to add every single user to the "DenyLocalExcluded" group, that would be chaos. Is this possible or is it too stupid?
Posted on 06-09-2022 07:42 AM
I'm looking for the same functionality.